﻿<?php

/**
 * Description of ManagingController
 * 用户管理
 * @author etpasse
 */
//require_rewrite(MODULE_ROOT."manager/admin/groupManager.class.php");
require_rewrite(MODULE_ROOT . "manager/admin/LogManager.class.php");
require_rewrite(ROOT_PATH . "data/UserConfig.class.php");

class UserController extends BaseController {

    private $method;

    //private $left_meun;
    public function __construct() {
        parent::__construct();
        //取得页面访问方式
        $this->method = Handler_http::getMethod();
    }

    /**
     * 用户管理
     */
    public function userList() {
        $userlist = new ManagingModule();
        if ($this->method == "POST") {
            $sel['txtaudit'] = $_POST['txtaudit'];
            $sel['txtusername'] = $_POST['txtusername'];
            $this->tpl->assign('txtaudit', $sel['txtaudit']);
            $this->tpl->assign('txtusername', $sel['txtusername']);
        }
        $this->tpl->assign('userlist', $userlist->sql_user($sel, false));
        $this->tpl->display("user/user_list.html");
    }


    /*
     * 授权 | 修改密码 
     */

    public function updateUserDetail() {
        $type = $_GET['type'];
        $userid = $_GET['userid'];
        $pwd_arr = Handler_validate::getExpressions();
        $detail = new ManagingModule($userid);
        $details = $detail->sql_user('', false);
        if ($this->method == "POST") {
            $userid = $_POST['userid'];
            $post_type = $_POST['type'];
            $audit_type_log = 1;
            if($post_type==1){
                $password = $_POST['txtpassword'];
                $txtpassword_confirm = $_POST['txtpassword_confirm'];
                if (!empty($password)) {
                    $user['password'] = md5($password . ADMIN_KEY);
                } else {
                    $user['password'] = "";
                }
                if ($password != $txtpassword_confirm) {
                    Handler_tool::alertAndRedirect('两次输入的密码不同，请重新输入！', HTTPFILEURL . '/user/updateUserDetail/?userid=' . $user['userid'] . '&type=1');
                }
                if (!empty($password) && !empty($txtpassword_confirm)) {
                    if (!preg_match($pwd_arr['str'], $password) || strlen($password) != intval($pwd_arr['length'])) {
                        Handler_tool::alertAndRedirect('请输入指定格式组成的密码！', HTTPFILEURL . '/user/updateUserDetail/?userid=' . $user['userid'] . '&type=1');
                    }
                }
                if($detail->update_pwd($user,$userid)){
                    $this->auth_add_sql_log($audit_type_log, $details[0]['username ']);
                    Handler_tool::alertAndRedirect('该用户密码修改成功！', HTTPFILEURL . '/user/userList/');
                }else{
                    $this->auth_add_sql_log(4, $details[0]['username ']);
                    Handler_tool::alertAndRedirect('修改失败,请重新填写！', HTTPFILEURL . '/user/updateUserDetail/?userid=' . $userid . '&type=1');
                }
            }
            if($post_type==2){
                $user['is_audit'] = $_POST['is_audit'];
                $user['login_land'] = $_POST['login_land'];
                if (!empty($user['is_audit']) && $details[0]['is_admin'] != $user['is_audit']) {
                    //设置权限
                    $audit_type_log = 2;
                }
                if (!is_numeric($user['is_audit']) && $details[0]['is_admin'] != $user['is_audit']) {
                    //取消该用户权限
                    $audit_type_log = 3;
                }
                if($detail->set_user_isadmin($user,$userid)){
                    if($audit_type_log == 2 || $audit_type_log==1){
                        UserDao::lock_recovery(0, $userid);
                    }
                    if($audit_type_log == 3){
                        UserDao::lock_recovery(1, $userid);
                    }
                    $this->auth_add_sql_log($audit_type_log, $details[0]['username ']);
                    Handler_tool::alertAndRedirect('对用户授权成功！', HTTPFILEURL . '/user/userList/');
                }else{
                    switch($audit_type_log){
                        case 2:
                            $log_type=5;
                            break;
                        case 3:
                            $log_type=6;
                    }
                    $this->auth_add_sql_log($log_type, $details[0]['username ']);
                    Handler_tool::alertAndRedirect('用户授权失败,请重新进行授权！', HTTPFILEURL . '/user/updateUserDetail/?userid=' . $userid . '&type=1');
                }
            }
        }
        if ($type == 1) {
            $this->tpl->assign('pwdTxt', $pwd_arr);
        }

        $this->tpl->assign('type', $type);
        $this->tpl->assign('userid', $userid);
        $this->tpl->assign('detail', $details);
        $this->tpl->assign('dep_data', $detail->sql_department_data());
        $this->tpl->assign('level', UserConfig::$userlevel[$details[0]['level']]);
        $this->tpl->assign('userlevel', UserConfig::$userlevel);
        $this->tpl->display("user/user_information.html");
    }

    /**
     * 记录用户操作审核日志
     */
    private function auth_add_sql_log($auth, $username) {
        switch ($auth) {
            case 1:
                $msg = '修改该用户密码成功';
                break;
            case 2:
                $msg = '对用户授权成功';
                break;
            case 3:
                $msg = '取消该用户权限成功';
                break;
            case 4:
                $msg='修改该用户密码失败';
                break;
            case 5:
                $msg='对用户授权失败';
                break;
            case 6:
                $msg='取消该用户权限失败';
                break;
        }
        $log_id = LogManager::writeAdminModifyLog($this->user['id'], $this->user['username'], $msg . $username);
        LogManager::writeAuditLog($this->user['id'], $this->user['username'], $log_id, 1, 2);
        UserDao::sqlUpUserBakLog($username, $log_id);
    }

    /**
     * 锁定/恢复用户
     */
    public function auth_lock_recovery_user() {
        header("Content-type:text/html;charset=utf-8");
        $type_oper = $_GET['typeOper'];
        $userid = $_GET['userid'];
        $userdata = UserDao::getUserList($userid, false);
        switch ($type_oper) {
            case 1:
                $oper = UserDao::lock_recovery(1, $userid);
                if ($oper) {
                    $log_id=LogManager::writeAdminModifyLog($this->user['id'], $this->user['username'], '锁定用户 ' . $userdata[0]['username'].' 成功');
                    LogManager::writeAuditLog($this->user['id'], $this->user['username'], $log_id, 1, 2);
                    Handler_tool::alertAndRedirect('该用户锁定成功！', HTTPFILEURL.'/user/userList/');
                } else {
                    $log_id=LogManager::writeAdminModifyLog($this->user['id'], $this->user['username'], '锁定用户 ' . $userdata[0]['username'].' 成功');
                    LogManager::writeAuditLog($this->user['id'], $this->user['username'], $log_id, 1, 2);
                    Handler_tool::alertAndRedirect('该用户锁定失败！', HTTPFILEURL.'/user/userList/');
                }
                break;
            case 2:
                $oper = UserDao::lock_recovery(0, $userid);
                if ($oper) {
                    $log_id=LogManager::writeAdminModifyLog($this->user['id'], $this->user['username'], '恢复用户 ' . $userdata[0]['username'].' 成功');
                    LogManager::writeAuditLog($this->user['id'], $this->user['username'], $log_id, 1, 2);
                    Handler_tool::alertAndRedirect('该用户恢复成功！', HTTPFILEURL.'/user/userList/');
                } else {
                    $log_id=LogManager::writeAdminModifyLog($this->user['id'], $this->user['username'], '恢复用户 ' . $userdata[0]['username'].' 失败');
                    LogManager::writeAuditLog($this->user['id'], $this->user['username'], $log_id, 1, 2);
                    Handler_tool::alertAndRedirect('该用户恢复失败！', HTTPFILEURL.'/user/userList/');
                }
                break;
        }
    }
    
    public function shouquan(){
            $checks_id = $_POST['checkids'];
            if(empty($checks_id)){
                exit(0);
            }
            $checks_id=rtrim($checks_id,",");
            $check_arr=explode(",",$checks_id);
            $sql="UPDATE user_user SET `is_admin`=0 where id in (";
            foreach ($check_arr as $val) {
                if(is_numeric($val)){
                    $sql.= "{$val},";
                }
            }
            $sql=rtrim($sql,",");
            $sql.=")";
            $set_return=new ManagingModule();
            $return=$set_return->set_piliang($sql);
            echo $return;
            exit;
    }

}

?>